Homeland Security Daily Open Source Infrastructure Report for 23 August 2010
advertisement
Homeland Security Current Nationwide Threat Level ELEVATED Daily Open Source Infrastructure Report for 23 August 2010 Significant Risk of Terrorist Attacks For information, click here: http://www.dhs.gov Top Stories • Malware may have been a contributory cause of a fatal Spanair crash that killed 154 people near Madrid, Spain two years ago, according to The Register. (See item 17) • Associated Press reports that the U.S. for the first time is publicly warning about the Chinese military’s use of civilian computer experts in clandestine cyber attacks aimed at American companies and government agencies. (See item 42) Fast Jump Menu PRODUCTION INDUSTRIES • Energy • Chemical • Nuclear Reactors, Materials and Waste • Critical Manufacturing • Defense Industrial Base • Dams SUSTENANCE and HEALTH • Agriculture and Food • Water • Public Health and Healthcare SERVICE INDUSTRIES • Banking and Finance • Transportation • Postal and Shipping • Information Technology • Communications • Commercial Facilities FEDERAL and STATE • Government Facilities • Emergency Services • National Monuments and Icons Energy Sector Current Electricity Sector Threat Alert Levels: Physical: ELEVATED, Cyber: ELEVATED Scale: LOW, GUARDED, ELEVATED, HIGH, SEVERE [Source: ISAC for the Electricity Sector (ES-ISAC) [http://www.esisac.com] 1. August 20, Associated Press – (Maryland; Washington D.C.) Pepco, criticized for power outages that lasted for days, issues reliability plan. Pepco, the utility company that has been criticized for storm-related power outages that sometimes lasted for days in Maryland and Washington D.C., has released a plan to improve its reliability. The utility said the five-year plan, released August 19, will cost more than $250 million. The plan includes more tree trimming to increase space between overhead wires and trees, and increased study of electrical distribution lines to -1- determine cause of outages and how to fix them. The plan also includes replacing underground cable, some of which was installed during the 1970s, and improving substations. Pepco, a unit of Pepco Holdings Inc., provides service in Washington D.C. and Prince George’s and Montgomery counties in Maryland. Source: http://www.canadianbusiness.com/markets/market_news/article.jsp?content=D9HN8A 6O0 2. August 20, WJBK 2 Detroit – (Michigan) Wicked weather leaves 64,000 without power. The summer of severe storms continued as another round of wicked weather made its mark on metropolitan Detroit, Michigan. DTE Energy said about 64,000 customers are without power following thunderstorms August 19 bringing wind gusts of up to 75 miles per hour. The National Weather Service issued tornado warnings, but no funnel clouds were confirmed and much of the damage appeared to be from straight line winds. Source: http://www.myfoxdetroit.com/dpp/weather/70,000-without-power-followingstorm-20100819-wpms [Return to top] Chemical Industry Sector 3. August 20, azfamily.com – (Arizona) Pilot burned when crop-dusting plane crashes near Buckeye. A crop-dusting plane crashed in the desert near Buckeye, Arizona August 19, and authorities say it’s not the first time the pilot has been involved in a crash. The plane crashed as it was taking off from a private airstrip in the far West Valley just moments after the pilot had filled up with a fresh load of pesticides. It went down near Pecos and Tuthill roads, caught fire and was destroyed. According to a captain with the Phoenix Fire Department, the pilot suffered second- and third-degree burns to his chest, arms and face. He was transported to Maricopa Medical Center. The pilot, identified only as a man in his 50s, was listed in critical but stable condition the evening of August 19. Because the pilot was covered with pesticides, hazardous materials crews were called in to help decontaminate the pilot, the helicopter crew and hospital personnel who treated the pilot. The medical center did not have to close during the incident. According to a Maricopa County sheriff’s deputy, the same pilot flying a different plane was involved in a crash near the same airstrip in April. He was not hurt in that crash. Source: http://www.azfamily.com/news/local/Small-plane-crashes-in-Rainbow-Valley101098864.html 4. August 19, KHAS 5 Hastings – (Nebraska) Ethanol spill closes portion of Highway 30. A hazardous materials spill early August 19 near Wood River, Nebraska, closed a portion of Highway 30 for roughly 2 hours. Authorities also stopped trains along the adjacent Union Pacific railroad line. Just before 4 a.m., Wood River firefighters were called to the Pioneer Trails ethanol plant near Wood River to respond to an ethanol spill from an 8,000 gallon storage tank. News 5 was told the spill was contained to the -2- facility and no injuries were reported. Highway 30 and the rail line were reopened just after 5:30 a.m. after air monitoring showed no hazard to traffic along the highway or adjacent railroad. Source: http://www.khastv.com/news/local/Ethanol-spill-closes-portion-of-Highway30-101115949.html [Return to top] Nuclear Reactors, Materials and Waste Sector 5. August 20, Denver Post – (Colorado; New Mexico) Uranium mill closing may be temporary. Cotter Corp. will dismantle its toxic waste ponds and buildings at a uranium mill south of Canon City, Colorado, but it intends to keep its license from state regulators to operate at the site and may re-open, the vice president for operations said August 19. Accelerated efforts to close down contaminated facilities at the Superfund clean-up site are aimed at clearing a path for possible uranium processing in the future and do not indicate Cotter plans to leave the 2,600-acre site, the vice president said. “We can decommission parts of the facility without moving towards license termination,” he said. “Our intention is ... to clear the path for new construction in the future.” No date has been set or plans submitted for that construction. A new state law requires uranium mill operators to clean up existing messes before launching new projects. Cotter opposed that law and, before it was passed, warned it could kill a proposed project to haul uranium from a mine in New Mexico by train and process it at the mill. Recent Cotter letters to U.S. Environmental Protection Agency and Colorado Department of Public Health and Environment regulators indicated Cotter was moving to close down facilities and no longer would test air for emissions of cancer-causing radon. Source: http://www.denverpost.com/breakingnews/ci_15831720 6. August 19, Bay City Tribune – (Texas) NRC asks for more details. South Texas Project Nuclear Operating Company received a notice of violation from the Nuclear Regulatory Commission (NRC) August 13 due to missing details in the Units 3 and 4 application when an Aircraft Impact Assessment (AIA) was performed. “It is the lowest level of violation,” an NRC spokesman said. A few years ago the NRC issued the AIA rule stipulating that all applicants planning to build or expand new nuclear power plants in the United States must assess the ability of their reactor designs to avoid or mitigate the effects of a large commercial aircraft impact. Source: http://baycitytribune.com/story.lasso?ewcd=f15252ea522f1f4e [Return to top] Critical Manufacturing Sector 7. August 20, Pottsville Republican & Herald – (Pennsylvania) Fire damages Mahanoy Township plant. Fire damaged a building on the grounds of the Fabcon plant in Mahanoy Township, Pennsylvania, early August 19. Firefighters from Mahanoy City -3- were called to the site at about 1:20 a.m. for a report of a commercial structure fire. Onscene fire crews found smoke inside a detached building behind the company’s main manufacturing facilities. The Mahanoy City fire chief said the fire was accidental, caused when a steam pipe came in contact with combustible materials inside the building. Fabcon manufactures and erects precast concrete wall panels. Firefighters were able to bring the fire under control in less than 30 minutes and remained on scene while the building was cleared of smoke and the fire determined to be completely extinguished. No injuries were reported. Company personnel at the scene said the structure houses machinery used to manufacture the concrete panels. Source: http://republicanherald.com/news/fire-damages-mahanoy-township-plant1.961103 8. August 19, San Diego Union-Tribune – (California) Fire damages Miramar business. An intense two-alarm fire that took an hour and a half to extinguish ripped through a San Diego, California manufacturing business August 19, causing more than $2 million in damage. The 2:30 a.m. blaze at the HI-Q Environmental Products Co. was fueled by carbon, silver nitrate and other supplies used in the making of air monitoring and sampling equipment, said a San Diego fire department spokesman. The blaze produced thick heavy smoke and flames that shot 20 feet high from the roof. The roof collapsed in several places, so firefighters could not attack it from inside the building. They stayed outside and battled the flames with torrents of water. Fire officials were also concerned about the kind of substances burning, but a hazardous-materials team determined they would not cause additional problems. Source: http://www.signonsandiego.com/news/2010/aug/19/miramar-industrialbuilding-burns/ [Return to top] Defense Industrial Base Sector 9. August 20, Aviation Week – (National) MDA eyes missile-detecting infrared pod. In its efforts to develop an unmanned aerial system capable of detecting boosting ballistic missiles, the U.S. Missile Defense Agency (MDA) is focusing on a sensor pod that could fly on existing UAVs, rather than a new, integrated UAV design. General Atomics Reapers, with the Raytheon MTS-B electro-optical/IR/full-motion video sensor, have proven the ability to detect and track a boosting missile from greater than 621 miles with “remarkable resolution,” the commander of the MDA told reporters at the Space and Missile Defense Conference. MDA is doing the groundwork to see what qualities an objective sensor would need and how the data would be integrated into the larger sensor cueing and command and control architecture. The ultimate goal is to link all sensors and shooters into a networked system. A specific ABIR fleet of UAVs is cost prohibitive, so now the focus is on designing the pod, which could be flown on an Air Force system such as Reaper. Global Hawk also could be an option. Source: http://www.aviationweek.com/aw/generic/story_channel.jsp?channel=defense&id=new s/asd/2010/08/20/02.xml&headline=MDA Eyes Missile-Detecting Infrared Pod -4- 10. August 18, Space News – (National) Airborne laser test delayed by component failure. The U.S. Missile Defense Agency (MDA)’s planned August 17 flight test of the Airborne Laser system was postponed when one of its cooling systems failed in preparation for the test, the agency’s top official said August 18. The Airborne Laser, a modified 747 aircraft designed to zap ballistic missiles with a high-power laser, was being prepared for its third intercept test at Edwards Air Force Base in California. A commercial-off-the-shelf cooling system for the aircraft’s tracking laser failed, and its replacement is now being installed, the MDA’s director told reporters at the Space and Missile Defense conference. The agency is targeting August 21 for the next attempt, he said. The Airborne Laser was originally conceived to be an operational system for boost-phase missile defense, but has since been relegated to a technology development platform. In its first shoot-down test in February, the aircraft destroyed a boosting sounding rocket. Eight days later, it returned to the sky and destroyed its first threatrepresentative target missile but was then unable to destroy a second target. For the upcoming flight test, the Airborne Laser will attempt to destroy a target missile from twice the distance of previous tests, MDA officials have said. The MDA does not disclose actual standoff distances for flight tests. Source: http://www.spacenews.com/military/100818-abl-test-delayed.html [Return to top] Banking and Finance Sector 11. August 20, BNO News – (Oregon) Bomb threat at Aloha, Oregon bank closes highway. A bomb threat at a bank in Aloha, Oregon forced the closure of a busy highway for nearly two hours August 19, authorities said. Deputies of the Washington County Sheriff’s Office responded to a 911 call from the bank located at 19091 SW Tualatin Valley Highway in Aloha at approximately 5.56 p.m. The highway is locally better known as TV Highway or Highway 8. “The caller made undisclosed demands and threatened to detonate a bomb in or near the bank if those demands were not met,” said a police sergeant. “Sheriff’s deputies quickly arrived on the scene and shut down SW TV Highway at SW 185th Avenue and SW 198th Avenue to protect motorists.” The bank and some adjacent business were evacuated while the metropolitan explosives disposal unit looked for an explosive device, but they did not locate anything suspicious. Source: http://wireupdate.com/local/bomb-threat-at-aloha-oregon-bank-closeshighway/ 12. August 19, Tech News Daily – (International) Top phishing gang turns to Malware. An Internet security report released August 20 said phishing attacks dropped 10 percent from April to June 2010 year-over-year. While reassuring at first glance, the report states cybercriminals have shifted their schemes from old-school phishing e-mail attacks — which are designed to trick users into revealing personal information — to distributing Zeus malware, a more insidious form of cybercrime. Phishing attacks by Avalanche, one of the most prolific cybercriminal gangs (responsible for two-thirds of the world’s phishing attacks in the second half of 2009), have disappeared, but other -5- criminals have moved in to take its place, according to Internet Identity (IID). Phishing targets have shifted from banks to gaming, e-commerce and social networking sites, aiming to steal log-in information. However, Avalanche and others have turned to distributing Zeus malware which is capable of hijacking computers, then stealing banking, social networking and e-mail account logins, and making that information available as part of a criminal network. Once the malware has entered the user’s computer, the identity theft is automatic ― eliminating the need for the unsuspecting user to supply personal information in response to a fraudulent email. The U.S. continues to lead the world as the top hosting country for the origin of phishing scams. Canada moved from seventh to second in the report. Germany, U.K., France round out the top five. Russia and China are at the bottom of the list, according to the IID report. The sources for Zeus malware show a different worldwide distribution. Europe takes the top spot with 24 percent of malicious addresses, followed by China at 22 percent and the U.S. at 18 percent, reported Russian-based security software provider, Kaspersky Labs. Source: http://www.technewsdaily.com/top-phishing-gang-turns-to-malware-1071/ 13. August 19, Gainesville Sun – (National) Credit card skimmers may be part of international scam. The rash of credit card fraud cases connected to skimmers on area gas pumps appears to be part of an international scam, according to the National Association of Convenience Stores (NACS) and the Alachua County Sheriff’s Office (ACSO). Federal investigators said the scam is widespread in Florida — primarily along interstates — and has been found in other states. Florida has become a prime target for credit card skimmers at gas stations this summer in large part because of its ranking as third behind California and Texas in the number of convenience stores, according to the nation’s largest convenience store trade organization. The Sunshine State is home to 9,223 convenience stores, and 7,280 of those stores — or almost 79 percent — have gas pumps, according to NACS, which represents 49 of the 50 top convenience store chains in the nation. An ACSO spokesman said one pattern investigators have noticed is that the card numbers are not used in the same area where they were stolen. Investigators in St. Johns County had documented about 200 victims so far this year, with most reporting card thefts during the summer months. The spokesman said he expects at least 200 victims to be identified in Alachua County this year. Source: http://www.gainesville.com/article/20100819/ARTICLES/100819347/1/news?Title=Credit-card-skimmers-may-be-part-of-international-scam&tc=ar 14. August 19, Maine Public Broadcasting Network – (National) Maine AG warns of credit card scam. Maine’s attorney general is warning people to beware of an “advance fee” credit card scam that’s targeting Maine residents. The attorney general said the scammers, who claim to be from “PeoplesChoice Savings,” are offering a credit card with a $2,000 credit line. In exchange, they ask for $200 and the victim’s bank account information so they can withdraw the funds. Officials with the PeoplesChoice Credit Union, which has several branches in southern Maine, said they have received several calls from consumers about the offer, which they emphasize they have nothing to do with. The attorney general said such advance fee credit card offers -6- are fraudulent, and prey on people desperate for cash. She said consumers should never give out bank account or other personal identifying information over the phone or Internet without confirming the requestor’s identity. Source: http://www.mpbn.net/Home/tabid/36/ctl/ViewItem/mid/3478/ItemId/13245/Default.asp x 15. August 19, KGTV 10 San Diego – (California) Man claiming to have bomb in bank robbery arrested. A suspected bank robber who claimed to have a bomb while robbing a bank in San Diego, California was arrested August 19, according to authorities. The incident happened at the Wells Fargo Bank on 685 Saturn Boulevard shortly after 5 p.m. According to police, the 45-year-old suspect entered the bank and said he had a bomb inside a fanny pack. Police said a teller was able to call authorities, and they arrested the suspect after he left the bank with an undisclosed amount of money. The suspect apparently left the fanny pack behind. Police said the suspect claimed to have an accomplice, and employees and bank customers were able to safely evacuate the branch as police summoned a bomb-sniffing dog to the scene. No bomb or threatening device was found, police said. Source: http://www.10news.com/news/24694586/detail.html 16. August 19, WTVC 9 Chattanooga – (Tennessee) Arrest made in attempted Ringgold bank robbery. A bomb scare at a Ringgold, Tennessee bank shut down the area off Highway 151 for several hours August 19. Police said it was an attempted robbery, and they have got one man in custody. It started with a phone call to FSG bank on Poplar Springs Road around 2 p.m. “They (bank employees) told us that he called on the phone and said there was an explosive device somewhere,” said the Ringgold police chief. That call sent five police and fire agencies to the area with guns drawn. Authorities soon evacuated the building. All of the FSG bank employees got out unharmed. The police chief said after a few tense moments, they caught the man in the parking lot. He said the man never got into the building, but because of the bomb threat, the GBI Bomb Squad sent in a bomb defusing robot to assess the situation. However, investigators found no evidence of a bomb. Source: http://www.newschannel9.com/news/bank-993969-squad-called.html [Return to top] Transportation Sector 17. August 20, The Register – (International) Trojan-ridden warning system implicated in Spanair crash. Malware may have been a contributory cause of a fatal Spanair crash that killed 154 people two years ago. Spanair flight number JK 5022 crashed with 172 on board moments after taking off from Madrid’s Barajas Airport on a scheduled flight to Las Palmas, Spain August 20, 2008. Just 18 survived the crash and subsequent fire aboard the McDonnell Douglas MD-82 aircraft. The airline’s central computer, which registered technical problems on planes, was infected by Trojans at the time of the fatal crash and this resulted in a failure to raise an alarm over multiple problems, according -7- to Spanish daily El Pais. The plane took off with flaps and slats retracted, something that should in any case have been picked up by the pilots during pre-flight checks or triggered an internal warning on the plane. Neither happened, with tragic consequences, according to a report by independent crash investigators. The accident on take-off happened after pilots had abandoned an earlier take-off attempt, and a day after two other reported problems on board. If the airlines’ central computer was working properly, a take-off after three warnings would not have been allowed, thereby averting the tragedy. A mechanic who checked the plane before take-off, and an airport maintenance chief, are under investigation and face possible manslaughter charges. An investigating judge has ordered Spanair to supply data on the state of its systems at the time of the crash. An investigation commission is due to report on the case by December. Source: http://www.theregister.co.uk/2010/08/20/spanair_malware/ 18. August 20, WBZ 38 Boston – (Massachusetts) Gas released on MBTA subway in chemical attack tests. Scientists will be in Boston’s subway system August 20 for a homeland security test involving the release of non-toxic gases. The weeklong study, commissioned by the federal Homeland Security Department, will analyze how particles would spread in a terror attack and how to minimize the impact of airborne assaults on the nation’s subway systems. A non-toxic, odorless gas will be released into the MBTA subway system during the afternoon commute August 20. Researchers in subway cars, at T stations and in the tunnels will test the air to see how the gases spread. The tests will continue over the next week. MBTA service is not expected to be affected. A similar eight-day test was conducted in December. Source: http://wbztv.com/local/mbta.chemical.tests.2.1870200.html 19. August 19, Fort Worth Star-Telegram – (Texas) Love Field shut down temporarily after police chase onto runways. A pickup driver who led Dallas police on an hourlong chase August 19 before crashing through a fence at Dallas Love Field stole the truck at knifepoint August 18 from a downtown Fort Worth hotel parking lot, police reported. A Dallas patrol officer rammed the pickup with his car alongside a busy airport runway, stopping the man, according to a news release from Dallas police. Both major runways were closed from about 3:20 to 3:30 p.m. The driver was arrested. He complained of chest pain and was taken to a hospital, according to Dallas police. The suspect was expected to be released August 19, and then taken to a police station for questioning, they said. Source: http://www.star-telegram.com/2010/08/19/2414726/love-field-shut-downtemporarily.html 20. August 19, Baltimore Sun – (Maryland) CSX says broken rail caused derailment in tunnel. CSX Transportation has determined that the cause of tje August 5 derailment in the Howard Street Tunnel in Baltimore, Maryland was defective track, a spokesman said. The spokesman said “there’s no doubt” that a broken rail caused 13 cars to jump the tracks in and near the more than 100-year-old tunnel — the site of a more serious derailment in 2001 that led to a chemical fire that disrupted downtown Baltimore for a week. The spokesman said the railroad had not determined what led to the break, but he -8- said such damage typically is caused by an internal defect. Source: http://www.baltimoresun.com/news/maryland/bs-md-brief-csx-derailment20100819,0,646264.story 21. August 19, WUSA 9 Washington – (Virginia) Fixing bridges in storm’s aftermath. In the aftermath of the powerful storms that swept through the Washington, DC area August 18, Virginia Department of Transportation crews were busy trying to fix what heavy rain and flooding left behind. In Vienna and McLean two bridges buckled. At the bridge at Browns Mill Road and Beulah Road, the crumbled street had branches popping out of it. At Swinks Mill Road near Georgetown Pike, a massive tree came down on a fire hydrant knocking out water for residents. It also damaged part of the bridge structure. The fix will not be completed until August 20. Source: http://www.wusa9.com/news/local/story.aspx?storyid=108079&catid=158 22. August 19, KATU 2 Portland – (Washington) FAA says pilot should have known about restricted air space. The Federal Aviation Administration (FAA) said the pilot who breached restricted air space during the U.S. President’s visit to Seattle, Washington August 17 had been given ample notice about the restriction.The pilot and his girlfriend were flying home to Sammamish, Washington from Lake Chelan, Washington when they breached restricted air space, prompting two F-15s to scramble from Portland, Oregon. The girlfriend said the pilot simply made a mistake. But the FAA said it posted a notice about the no-fly zone well before the man took off August 17, and if he did not know about it, he should have known about it. The pilot’s mistake also led to a near catastrophe in Pierce County where thousands called 911 after hearing the sonic booms, effectively jamming the emergency response system. Officials said 28 out of the 30 phone lines dispatchers typically use died, and no emergency calls could get through for a half hour. The collapse of the 911 system is now under investigation. Source: http://www.katu.com/news/local/101038494.html 23. August 19, FOXNews.com – (New Jersey) TSA screeners overlooked knife in passenger’s bag, report says. Transportation Security Administration (TSA) screeners at a major U.S. airport missed finding a knife tucked inside a passenger’s bag and may not have taken the proper precautions when handling a hazardous device. TSA workers at New Jersey’s Newark Liberty Airport failed to spot a knife inside a passenger’s bag, law enforcement sources told MyFoxNY.com. The passenger voluntarily turned it over to authorities minutes before boarding the flight, and was allowed to get on the plane without being interviewed, the station said. Law enforcement sources said TSA screeners also may have improperly handled a smoke bomb — the size of a dynamite stick — that was reportedly found inside a passenger’s bag on the same day. That passenger also was allowed to board the plane. The TSA, however, has refuted part of the report, saying the device apprehended was not a bomb — it was a firework — and that its officers “did follow proper protocol for handling hazardous material.” A spokeswoman for the TSA told Foxnews.com that the person carrying the device was interviewed by Port Authority police and was not arrested. She said that the individual carrying what she described as a “three-inch folding knife” was allowed on the plane -9- only after being interviewed by officers. “The TSA identified the officer responsible for missing the knife and she will be sent for remedial training,” she said. Source: http://www.foxnews.com/us/2010/08/19/tsa-screeners-missed-finding-huntingknife-inside-passengers-bag-report-claims/ 24. August 19, Dallas Morning News – (National) American union threatening to leave FAA safety program. American Airlines’ mechanics union has threatened to quit a key aviation safety program, arguing that federal inspectors have used it to investigate its workers. The disagreement is the latest dispute between Fort Worth-based American and the Federal Aviation Administration (FAA), which has closely scrutinized the carrier’s maintenance practices for more than two years. The program at issue, known as ASAP, encourages pilots, mechanics and other airline workers to self-report safety violations to the FAA in exchange for immunity from punishment. To be accepted into the program, an airline worker must be the sole source of a report, which can not involve falsification, intentional misconduct, or alcohol or drugs. In a letter outlining its concerns, the Transport Workers Union cited 16 recent reports in which American mechanics disclosed violations that the union said should have shielded them from further investigation. An FAA spokesman said the 16 reports were rejected because they did not meet the criteria for acceptance into ASAP. Source: http://www.tradingmarkets.com/news/stock-alert/amr_american-unionthreatening-to-leave-faa-safety-program-1121547.html 25. August 19, San Francisco Bay City News – (California) Threat that grounded plane at SFO was made to hotel In Alameda. A scare that grounded an American Airlines flight for several hours at San Francisco International Airport in California August 19 appears to have stemmed from a threatening phone call made to a hotel in Alameda. The call was received by a front desk clerk at the Hampton Inn and Suites, the hotel’s general manager said. He said the caller was a man with an unidentified accent who said he was going to hijack American Airlines Flight No. 24. An Alameda police lieutenant said police received a report at 9:09 a.m. that a clerk received a call from a stranger who had made a threat against an airliner. Police investigated and determined the threat was specific enough that it merited contacting federal authorities. Flight 24 was initially scheduled to depart at 7:40 a.m. for John F. Kennedy International Airport in New York but was delayed for unrelated reasons until 9:15 a.m., passengers said. Police got the call just before the flight was scheduled to take off and notified the FBI, prompting authorities to hold the plane on the tarmac for several hours. Two passengers were detained for questioning and one man was led off the plane in handcuffs, but police said late August 19 that no one remained in custody. The flight was carrying 163 passengers and 11 crewmembers, an American Airlines spokeswoman said. The passengers were removed from the plane and were taken to a terminal for screening, a San Francisco police sergeant said. Passengers on Flight 24 were rebooked on other flights. Source: http://sfappeal.com/alley/2010/08/threat-that-grounded-plane-at-sfo-was-madeto-hotel-in-alameda.php For another story, see item 4 - 10 - [Return to top] Postal and Shipping Sector 26. August 19, Associated Press – (Colorado) Boulder police investigate mailbox explosions. Police in Boulder, Colorado are investigating what appears to be the latest in a series of homemade explosive devices being set off in the area. Police said four mailboxes in north Boulder were damaged August 18 by what appear to be pipe-type explosive devices. The incidents follows reports of homemade explosives found in neighborhoods in the Niwot and Gunbarrel areas. Boulder County sheriff’s deputies found the remains of four explosive devices last week around a swimming pool. Plastic bottles were filled with a chemical and aluminum foil that generated explosive hydrogen gas. In July, Lafayette police found at least two pipe bombs in a city park. One had been detonated. Source: http://cbs4denver.com/wireapnewsco/Boulder.police.investigate.2.1869845.html 27. August 19, New Jersey Local News Service – (New Jersey) Powder in letter causes HazMat scare at Hillsborough business. The Somerset County Hazardous Materials Team in New Jersey was dispatched to an office complex on Amwell Road in Hillsborough, New Jersey August 18, after a business received a threatening letter containing a white powdery substance, police said. Police said a business at 390 Amwell Road received an envelope containing a letter threatening one of its employees shortly before 6 p.m., and two employees felt minor discomfort after being exposed to the powdery substance contained inside. The employees were transported to Somerset Medical Center for evaluation while the Somerset Hazardous Materials Team and the Hillsborough Office of Emergency Management responded to the scene. The employees were later released from the hospital, and results of the medical examination and information from the business complex showed no evidence that the powdery substance was hazardous. The investigation was ongoing, according to authorities. Source: http://www.nj.com/news/local/index.ssf/2010/08/powder_in_letter_causes_hazmat.htm l [Return to top] Agriculture and Food Sector 28. August 20, Des Moines Register – (Iowa) Ammonia leak forces Lacona evacuation. A leaking pipe on an anhydrous ammonia tank at the South Central CoOp, a farmer-owned agriculture coop, forced portions of Lacona, Iowa, a town of 350, to evacuate for many hours August 19. The leak began after 10 a.m. A resident called 911 after spotting something coming from one of the co-op’s half dozen 33,000-gallon tanks. Firefighters went door to door in the immediate area to alert residents, and an automated calling system alerted the rest of the community about the danger. Officials - 11 - opened a temporary shelter at Southeast Warren Junior-Senior High School in Liberty Center, about 10 miles away. The Warren County Emergency Management director said a broken pipe that runs beneath the large anhydrous ammonia tank was the leak’s source. An investigation will attempt to determine why the leak started. It was not immediately known how much ammonia was inside the tank or how much escaped. The Des Moines Fire Department’s hazardous-materials team helped shut down the leak, and residents were allowed to return to homes and businesses by 1 p.m. Source: http://www.desmoinesregister.com/article/20100820/NEWS/8200354/1/GETPUBLISHED03scripts/Ammonia-leak-forces-evacuation 29. August 20, KTVZ 21 Bend – (Oregon) Fire damages Chan’s Restaurant in Bend. A smoky attic fire heavily damaged a popular Chinese restaurant in southeast Bend, Oregon August 20, forcing evacuation of nearby apartment residents, and closure of Third Street for hours. The first calls of smoke in the area came in around 2 a.m. Fire crews battled the blaze from outside and investigators were waiting for the building to be deemed safe to enter and look for the cause. About 20 to 30 residents of an apartment complex behind the restaurant were awakened and evacuated as a precaution but were allowed to return home after sunrise as the fire was put out and mopped up. Third Street was shut between Reed Market Road and McKinley Avenue for about four hours, with authorities urging motorists to avoid the area. It reopened around 6 p.m. A Bend deputy fire marshal said there was a small amount of smoke damage, but significant water damage to the restaurant itself. The initial loss was estimated to be $500,000. Source: http://www.ktvz.com/news/24700036/detail.html 30. August 19, KSL 5 Salt Lake City – (Utah) Salt Lake Quiznos customers may be at risk of hepatitis A. Salt Lake Valley health workers in are warning the public about a case of hepatitis A found in an employee of a downtown Salt Lake City, Utah Quiznos. They say people who ate at the sandwich shop on 30 East and 300 South between August 5 and August 7 may be at risk for hepatitis A and should receive a hepatitis A vaccine or an immune globulin injection as soon as they can. People who ate at that store before those dates may have been exposed to hepatitis A also but would not benefit from an immunization. Quiznos will cover the cost of immunizations, which are available at the Salt Lake Valley Heath Department City Clinic. Health workers said there is no current risk of exposure. “It’s only at that one specific Quiznos location, and they’ve been very cooperative; and this establishment was inspected this morning (August 19) and looked very good,” an epidemiologist with the Salt Lake Valley Health Department said. Source: http://www.ksl.com/?nid=148&sid=12068340 31. August 19, WGAU 1340 Athens – (Georgia) Food warehouse busted. An allegedly illegal food warehouse was busted in Athens, Georgia. The state department of agriculture said the Mid State Services Warehouse was unlicensed and unhealthy. The warehouse stocked mostly snack food that was sold to inmates in jails in Georgia and in other states. U.S. Marshals, the U.S. Food and Drug Administration, and Georgia agriculture officials seized almost $900,000 in food products. No charges have been - 12 - filed, but the investigation is ongoing. Source: http://1340wgau.com/localnews/2010/08/food-warehouse-busted.html 32. August 19, KBAK 29 Bakersfield – (California) 82-square-mile quarantine declared for melon fruit fly. Six melon fruit flies were caught in traps the week of August 9 near Mettler, California, about 25 miles south of Bakersfield. The flies have the potential to devastate Kern County’s agriculture industry. “I think every farmer’s probably concerned about it, and I think they’d be lying if they weren’t,” a local farmer said about the flies. The problem with the fly is that it lays its eggs in fruit, making it inedible. Because five flies were found in a single trap, an 82-square mile quarantine is now in effect. The earliest it could be lifted is April 2011. “An insect of this magnitude could potentially devastate not only Kern County, but the whole state’s $45 billion industry,” Kern County’s agricultural commissioner said. The flies were found near a pepper field northwest of Mettler. Since August 16, crews from the California Conservation Corps and the California Department of Food and Agriculture are working to remove every single pepper from the field. Source: http://www.bakersfieldnow.com/news/local/101127014.html 33. August 19, CNN – (National) CDC: Tainted eggs may have sickened hundreds in recent months. The salmonella outbreak that led to the recall of 380 million eggs was preventable and will likely grow, federal officials said August 19. Hundreds of Americans likely have become ill from tainted eggs in recent months, according to estimates from the Centers for Disease Control and Prevention (CDC), a CDC spokeswoman said August 19. From May 1 to July 31, a total of 1,953 cases of Salmonella enteritidis were reported; the expected number of such cases ordinarily in that time would be about 700, the acting director of the CDC’s division of food-borne, waterborne and environmental diseases said in a conference call August 19. The CDC is not yet sure exactly how many cases can be attributed to this particular outbreak. The salmonella outbreak prompted Wright County Egg of Galt, Iowa, to increase its recall August 18 to 380 million eggs. The number of salmonella cases is expected to grow because any that occurred after July 17 may not yet be reported due to a two- to threeweek lag between when a person becomes sick and when the case gets reported in the system, the CDC said. Source: http://www.cnn.com/2010/HEALTH/08/19/eggs.recall.salmonella/index.html?eref=rss _latest&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+rss/cnn_l atest+(RSS:+Most+Recent) 34. August 18, Associated Press – (National) AP poll: Majority not confident Gulf seafood, water safe. A majority of Americans are not convinced it is safe to eat seafood from parts of the Gulf of Mexico or take a dip in its waters, a new Associated Press poll shows. Gulf fisheries are beginning to reopen more than three months after the oil began gushing from BP’s busted well, and the U.S. Food and Drug Administration (FDA) asserts that seafood from reopened areas or those unaffected by the spill are ready for public consumption. The FDA said that although crude has the potential to taint seafood with flavors and odor caused by exposure to hydrocarbon - 13 - chemicals, people should not worry about the safety of seafood in stores. “There’s nothing wrong with Gulf seafood, because it’s tested probably more than any seafood that’s being removed right now,” a retired Coast Guard admiral said during a press briefing August 18. The Associated Press-GfK poll that surveyed 1,007 adults nationwide between August 11-16, found that 54 percent did not trust the seafood and 55 percent were not confident the beaches in the affected areas were safe for swimming. The Gulf accounts for a majority of the domestic shrimp and oysters eaten by Americans and about 2 percent of overall U.S. seafood consumption. Source: http://content.usatoday.com/communities/greenhouse/post/2010/08/ap-poll-bpimages/1 [Return to top] Water Sector 35. August 19, U.S. Environmental Protection Agency – (Iowa) Decision on Iowa’s Water Quality Standards. The U.S. Environmental Protection Agency (EPA) has approved revised Iowa water quality standards to support recreational activities and the protection of aquatic life. The approved water quality standards verify the state’s designated uses for 64 water body segments in Iowa. Iowa Department of Natural Resources (IDNR) submitted new and revised Iowa surface water quality standards to EPA for review and approval, as required by the Clean Water Act. The state based its recommendations on specific field data gathered by representatives of IDNR in Iowa streams, lakes, and rivers. Designated recreational uses protect water quality for activities such as swimming, fishing and canoeing, and human consumption of aquatic life. Aquatic life uses provide for the protection and maintenance of a healthy environment for fish and other animals. Source: http://yosemite.epa.gov/opa/admpress.nsf/0/DA3E3B0EC0F4B900852577840075DB0 0 36. August 18, KFDA 10 Amarillo – (Texas) Canyon wastewater spill. Pipes have been repaired after 80,000 gallons of wastewater spilled in south Randall County, Texas. The City of Canyon said it happened August 17 on south Western Street about four and a half miles south of Canyon. They said a pressure surge in the pipeline caused a failure of the controls at the pump station. The wastewater was cleaned up and the area was disinfected. The water did not make it onto any private property. Source: http://www.newschannel10.com/Global/story.asp?S=13005923 37. August 18, KXXV 25 Waco – (Texas) Waco issues emergency water conservation. The City of Waco, Texas, is making an emergency request to eliminate all irrigation for the next few days. The request is due to a 48-inch raw water line to the Mount Carmel Water Treatment Plant rupturing August 18. Officials said there is a backup 36-inch line to the plant, however, the volume that can be supplied to the water treatment plant and then to the distribution system is reduced. A minimum of three days of repair is anticipated, with a longer repair time probable. Officials are asking - 14 - residents to conserve water as much as possible during this time. The City of Woodway has also issued a boil order as a precaution for residents west of Estates Drive and Hewitt Drive. Source: http://www.kxxv.com/Global/story.asp?S=13008487 For another story, see item 21 [Return to top] Public Health and Healthcare Sector 38. August 20, Mt.Carmel Daily Republican Register – (Indiana) Whooping cough confirmed in Wabash County; residents urged to get vaccinated. At least one confirmed case of pertussis has recently been reported in Wabash County, Indiana as well as seven confirmed cases in neighboring Lawrence County. A Wabash County Health Department administrator is urging members of the community to get vaccinated to prevent the spread of this highly contagious respiratory tract infection. Pertussis, also know as “whooping cough,” will initially resemble an ordinary cold, but it may eventually turn more serious, particularly in infants. Whooping cough is most contagious before the coughing starts. The best way to prevent it is through vaccinations. But, despite the use of pertussis-containing vaccine, cases of pertussis have been on the rise in many communities nationwide, with an increasing burden of disease reported among adolescents and adults. Source: http://tristate-media.com/drr/news/local_news/article_c2665a30-ac6e-11dfbfc4-001cc4c03286.html 39. August 20, Palm Springs Desert Sun – (California) Indio fire forces health care center evacuation. More than 60 elderly patients were briefly evacuated August 19 when a fire broke out at an Indio, California health care facility. The fire started in the attic of Desert Springs Healthcare and Wellness Center, 82-262 Valencia Ave., shortly before 2 p.m. Twenty-three people — all of them patients of the health care facility — were taken to Eisenhower Medical Center in Rancho Mirage or John F. Kennedy Memorial Hospital in Indio as a precaution for heat-related illness or to check for smoke inhalation. “They’re elderly. It’s 112 degrees outside and a little too much for them to take,” a Cal fire spokesman said. The two-alarm blaze prompted about 60 firefighters to respond. Facility employees and firefighters helped evacuate 61 patients. To ensure no one succumbed to heat-related ailments, authorities used 10 fire engines — including a breathing support unit — and three ambulances to block off the street to create a makeshift triage scenario. Firefighters also carried couches onto neighbors’ lawns across the street, set up tents outside the building and wheeled patients into the shade. “Not every day do we run into a situation where we have to go to a health care facility and shift from a fire to a medical-type operation,” the Cal Fire spokesman said. The patients who were not hospitalized were back in the west part of the building, which wasn’t touched by the fire, within about an hour. Source: http://www.mydesert.com/article/20100820/NEWS0803/8200333/Indio-fireforces-health-care-center-evacuation - 15 - [Return to top] Government Facilities Sector 40. August 20, WIAT 42 Birmingham – (Alabama) Update - Explosion rocks UAB campus. A transformer exploded about 8 p.m. August 19 at the southside substation run by Alabama Power in Birmingham. About a hundred students were at the University of Alabama at Birmingham’s (UAB) Mervyn H. Sterne Library, which is adjacent to the substation, at the time of the explosion. The library, along with a few other adjacent buildings, was evacuated. And authorities worked to close off the street to regular traffic. The substation sits off 13th Street South, between University Boulevard and 11th Avenue South. The explosion caused outages along 13th, and also at a handful of traffic lights at nearby intersections. Source: http://www.cbs42.com/mostpopular/story/Update-Explosion-Rocks-UABCampus/kz7hU2QsMUGaLj8PGR9k1Q.cspx 41. August 19, New Haven Register – (Connecticut) Laptop with Social Security numbers stolen from UConn West Hartford. University of Connecticut officials are investigating the theft of a laptop computer from its West Hartford campus that contains the names and Social Security numbers of 10,174 applicants, many of whom were selected for consideration to attend the regional campus. This is the second incident of a missing laptop with sensitive information made public this week. The state attorney general is investigating the theft of a laptop from the Yale School of Medicine that contained clinical health information for approximately 1,000 patients. UConn officials said the theft of its laptop, which was being kept in a storage cabinet at the West Hartford campus information technology department, was discovered August 3. They said steps have been taken to prevent unauthorized access to the university through this computer, and there is no indication it was stolen for the purpose of identify theft. Source: http://www.westhartfordnews.com/articles/2010/08/19/news/doc4c6d6ca4879e499189 9745.txt 42. August 19, Associated Press – (International) Pentagon takes aim at China cyber threat. The U.S. for the first time is publicly warning about the Chinese military’s use of civilian computer experts in clandestine cyber attacks aimed at American companies and government agencies. In a move that is being seen as a pointed signal to Beijing, the Pentagon laid out its concerns this week in a carefully worded report. The People’s Liberation Army, the Pentagon said, is using “information warfare units” to develop viruses to attack enemy computer systems and networks, and those units include civilian computer professionals. The assertion shines a light on a quandary that has troubled American authorities for some time: How does the U.S. deal with cyber espionage emanating from China and almost certainly directed by the government — despite the fact that U.S. officials don’t have or can’t show proof of those ties? Asked about the civilian hackers, a Defense Department spokesman said the Pentagon is concerned about any potential threat to its computer networks. The Pentagon, said a - 16 - spokesman will monitor the PLA’s buildup of its cyberwarfare capabilities, and “will continue to develop capabilities to counter any potential threat.” Source: http://www.google.com/hostednews/ap/article/ALeqM5i49n7xcjIHBv_Uq9SOjyP7vs6f 8wD9HMP8R00 43. August 19, Austin American-Statesman – (Texas) Fort Hood gate briefly closed after explosive trace found. Officials in Fort Hood, Texas, temporarily closed the East Range Road gate early August 19 after gate guards discovered a cement truck with possible traces of explosive residue during a routine vehicle search. The guards immediately alerted Fort Hood Emergency Services who set up a full security perimeter around the vehicle in question. All traffic was redirected to other gates while further tests were conducted. These tests indicated that the vehicle did not contain any explosives, and the gate was reopened to all vehicular traffic. Source: http://www.statesman.com/blogs/content/sharedgen/blogs/austin/blotter/entries/2010/08/19/fort_hood_gate_briefly_closed.html?cxntfid =blogs_the_blotter 44. August 19, Seattle Times – (Washington) PCB contamination found in King County Youth Services Center courthouse. Employees in King County’s problem-plagued youth services center courthouse in Seattle will be moved as soon as possible because of contamination by toxic PCBs that have spread from window caulking to carpets inside and soil outside. Although the potentially cancer-causing chemicals were found only at low levels indoors and are not believed to pose an immediate health risk, a superior court presiding judge said managers in several departments have concluded that courts and offices for prosecutors, social workers, probation officers and clerks must be moved to other locations while the problem is fixed. “We’re taking this very seriously and we’re working on it on an emergency basis,” a judge said. “Our goal is to relocate the employees out of there as fast as we can so that the remediation can be completed in the most cost-effective manner and in a way that protects the public and our employees. We are scrambling right now to determine literally how many days it will take us to come up with a plan to evacuate the building.” A spokeswoman for the department of executive services said the courts will be moved within the next several weeks because it would be too difficult and costly to remove hazardous materials while business is being conducted in the building. Source: http://seattletimes.nwsource.com/html/localnews/2012668774_pcbs20m.html For another story, see item 45 [Return to top] Emergency Services Sector 45. August 19, KHBS 40 Fort Smith – (Arkansas) Emergency responders conduct fullscale disaster drill. August 19, a joint training exercise was conducted on property owned by the Fort Smith Regional Airport in Fort Smith, Arkansas. The mock drill was - 17 - designed to promote coordination among emergency response agencies. This was the first time the full-scale disaster exercise was conducted at night. The scenario involved a collision between two planes. “The FAA requires us to exercise every year, and every third year (it’s) a full drill like we’re having this evening,” said the director of the Fort Smith Regional Airport. The 188th Air National Guard provides crash, fire and rescue services for the regional airport as part of a joint-use agreement. The exercise sent rescue teams into extremely dangerous conditions. Firefighters wore silver suits designed for use when flammable materials are part of the emergency. During the drill, a siren was sounded warning crews that a hazardous material had been detected. Firefighters backed away from the scene, while service calls went out for support teams from the Fort Smith Fire Department’s bomb squad and haz-mat team. Source: http://www.4029tv.com/r/24695622/detail.html For another story, see item 22 [Return to top] Information Technology Sector 46. August 20, The Register – (International) Researcher: Code-execution bug affects 200 Windows apps. About 200 Windows applications are vulnerable to remote codeexecution attacks that exploit a bug in the way the programs load binary files for the Microsoft operating system, a security researcher said August 19. The critical vulnerability, which has already been patched in Apple’s iTunes media player for Windows and VMware Tools, will be especially challenging to fix, because each application will ultimately need to receive its own patch, the CEO of application security consultancy Acros Security, told The Register. He agreed with a fellow researcher who on August 18 said the critical vulnerability is trivial to exploit. At the time, the second researcher estimated 40 programs were vulnerable, but security experts from Slovenia-based Acros have found that about 200 of the 220 applications they have tested so far suffer from what they are calling the binary-planting bug. They have yet to complete their inquiry. Acros researchers alerted Microsoft to the vulnerability about four months ago and have been working with members of its security team since then to coordinate a fix with the many affected parties. So far, what is known about the vulnerability comes mostly from an advisory Acros issued for the iTunes patch. The bug allows attackers to execute malicious code on Windows machines by getting the media player to open a file located on the same network share as a maliciously designed DLL file, it said. In some cases, the bugs can be exploited to execute EXE files and other types of binaries, as well, the researcher said. Source: http://www.theregister.co.uk/2010/08/20/windows_code_execution_vuln/ 47. August 20, Help Net Security – (International) Rogue AV uses legitimate uninstallers to cripple computers. The fact that some rogue AV solutions try to prevent the real ones from doing their job is widely known in the security community, but CoreGuard Antivirus — a “popular” fake AV solution - has been spotted utilizing legitimate software uninstallers to trick users into uninstalling their legitimate security software. - 18 - When the malicious file is executed, a message box opens up. Clicking on the “OK” button — or even on the “Close” button — starts the installer of the antivirus in question. Symantec researchers reveal that the fake solution searches for uninstaller information in the Windows registry and launches the right uninstaller for certain legitimate AV solution installed on the system, such as products from Microsoft, AVG, Symantec, Spyware Doctor, and Zone Labs. It then tries to download “AnVi Antivirus,” another rogue AV that is actually a clone of CoreGuard Antivirus. Source: http://www.net-security.org/malware_news.php?id=1437 48. August 20, Computerworld – (International) Google patches 10 Chrome bugs, pays out $10K in bounties. Google August 19 patched 10 vulnerabilities in Chrome, but did not award any of the researchers who reported bugs the new top-dollar reward of $3,133. The security update to Chrome 5.0.375.125 fixed two vulnerabilities rated “critical,” Google’s most serious threat rating, seven labeled “high” and another pegged as “medium.” Google divulged no details of the vulnerabilities, and as is its custom, blocked public access to its bug-tracking database, a practice meant to keep attackers from using the information before most users have upgraded. Some rivals, such as Mozilla, do the same; others, like Microsoft, do not. Google often blocks access to information on serious vulnerabilities for two months or longer. Of the 10 vulnerabilities, two could apparently be exploited by malicious files, including SVG image files and MIME-type files. Others could potentially be used to spoof the address bar’s contents or reveal a password. According to a blog post by a researcher of the Chrome team, Google also added a workaround for a critical bug in non-Google code. Source: http://www.computerworld.com/s/article/9181060/Google_patches_10_Chrome_bugs_ pays_out_10K_in_bounties 49. August 19, Krebs on Security – (International) Adobe issues Acrobat, Reader security patches. Adobe Systems Inc. issued software updates August 19 to fix at least two security vulnerabilities in its widely-used Acrobat and PDF Reader products. Updates are available for Windows, Mac and UNIX versions of these programs. Acrobat and Reader users can update to the latest version, v. 9.3.4, using the built-in updater, by clicking “Help” and then “Check for Updates.” The August 19 update is an out-ofcycle release for Adobe, which recently moved to a quarterly patch release schedule. The company said the update addresses a vulnerability that was demonstrated at the Black Hat security conference in Las Vegas. The release notes also reference a flaw detailed by a researcher back in March. Adobe said it is not aware of any active attacks that are exploiting either of these bugs. Source: http://krebsonsecurity.com/2010/08/adobe-issues-acrobat-reader-securitypatches/ 50. August 19, The Register – (International) Linux kernel purged of five-year-old root access bug. The Linux kernel has finally been purged of a privilege-escalation vulnerability that for at least half a decade allowed untrusted local users to gain unfettered rights to the operating system’s most secure locations. Maintainers of the central Linux component issued a patch recently that killed the bug, which allowed - 19 - unprivileged users to gain root access. While Linux overlords stopped short of declaring it a security vulnerability, they stressed that the patch should be installed as soon as possible. The vulnerability was described as long ago as 2005 by a researcher, but it remained largely overlooked until a researcher at Invisible Things Lab started investigating related issues. In a PDF paper published August 17, he outlined a method that exploits the underlying bug using the Xorg server, which is instrumental in providing graphical user interface functions in Linux and is also referred to as the X server. The memory-corruption bug stems from two memory regions of the X server that grow in the opposite directions in the address space, an attribute inherited from the x86 architecture designed by Intel. Attackers can force the two regions to collide, causing critical control data to be replaced with values that allow the X server to be hijacked. The bulletin accompanying the kernel fix described the implementation of “a guard page below a grow-down stack segment.” It’s a fairly exotic exploit, and can only be used locally, unless combined with an unrelated vulnerability. Source: http://www.theregister.co.uk/2010/08/19/linux_vulnerability_fix/ 51. August 19, InformationWeek – (International) Chrome, Safari see surge in vulnerabilities. Web application vulnerabilities during the first two quarters of 2010 represent a smaller percentage (66 percent) of total commercial application vulnerabilities (4,019) than they did during the latter two quarters of 2009 (82 percent of 2652). But Web application vulnerabilities during the first half of the year (2,645) were about the same as the total number of vulnerabilities in commercial apps detected during the second half of 2009, while the overall number of application vulnerabilities in 2010 increased by 50 percent. As noted in the Cenzic Q1,Q2 2010 Trends Report, some 60 percent of these Web vulnerabilities still have no fix available and exploit code is publicly available for about 45 percent of them. Comparing the Q1/Q2 2010 period to the Q3/Q4 2009 period, the report observes that while Mozilla Firefox and Microsoft Internet Explorer had fewer vulnerabilities (59 vs. 77 and 40 vs. 44, respectively), Apple Safari and Google Chrome exhibited far more vulnerabilities (83 vs. 25 and 69 vs. 25). Nonetheless, all browser makers have addressed vulnerabilities promptly, Cenzic says. Cenzic attributes the soaring number of vulnerabilities in Safari and Chrome toWebKit, the open-source rendering engine used in both browsers, and to iPhone and Android flaws. Source: http://www.informationweek.com/news/storage/security/showArticle.jhtml?articleID=2 26700519 For more stories, see items 12 and 42 Internet Alert Dashboard To report cyber infrastructure incidents or to request information, please contact US-CERT at sos@us-cert.gov or visit their Web site: http://www.us-cert.gov Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and Analysis Center) Web site: https://www.it-isac.org - 20 - [Return to top] Communications Sector 52. August 19, IDG News Service – (National) Trade groups oppose mandatory FM on mobile devices. Trade groups representing consumer electronics makers and mobile carriers have voiced opposition to a recent proposal by the radio and recording industries to require all mobile devices in the U.S. to include FM receivers. The proposal, made by the National Association of Broadcasters (NAB), comes as the trade group attempts to come to an agreement with a group affiliated with the Recording Industry Association of America (RIAA) in a longstanding battle over whether radio stations should pay royalties to record labels and performers for playing their songs. The NAB released the framework of a potential compromise over so-called performance royalties earlier this month: Radio stations would pay a royalty of 1 percent or less, and in exchange the U.S. Congress would require all mobile devices to include FM receiver chips. Source: http://www.computerworld.com/s/article/9181018/Trade_groups_oppose_mandatory_F M_on_mobile_devices 53. August 19, V3.co.uk – (International) BlackBerry emails can be monitored, says India. Indian officials may have come up with a way of monitoring encrypted corporate e-mails sent from BlackBerry devices, according to a government source. The method involves intercepting and making a copy of a corporate e-mail at the moment it is sent to a company’s enterprise server, and then sending it on to the ISP’s monitoring systems. “Enterprise mail services offered on BlackBerry platforms and other services provided on virtual private networks can possibly be monitored by feeding back a clear e-mail from the enterprise e-mail server to the monitoring system located at each of the ISPs’ premises,” said the Indian Department of Telecommunications, according to a report in the local Economic Times. It is still unclear whether the Indian authorities are looking to decrypt data, or would be happy with monitoring encrypted communications. Source: http://www.v3.co.uk/v3/news/2268476/rim-reaches-deal-bes-email 54. August 19, Compterworld – (National) RFID tags found to work better in building ducts. A research team at North Carolina State University has used a building ventilation duct to at least triple the normal distance that radio waves emitted from passive radio frequency identification (RFID) tags can travel over open space. The discovery means that a small, inexpensive RFID tag could be used to wirelessly transmit data from any temperature sensor, smoke detector, carbon monoxide monitor or a sensor to detect chemical, biological or radiological agents in a large building, according to one of the main researchers and head of the university’s department of electrical and computer engineering. He told R&D magazine that using the RFID tags with electronic sensors could be “immediately economically viable” because it would mean the wiring and the labor to install the wiring would not be needed to connect a building’s various sensors. The research will be published in the September issue of - 21 - Proceedings of the IEEE, according to a synopsis in R&D Magazine. Source: http://www.computerworld.com/s/article/9180947/RFID_tags_found_to_work_better_i n_building_ducts [Return to top] Commercial Facilities Sector 55. August 20, Portsmouth Herald – (New Hampshire) Experts confirm device on Rye beach was pipe bomb. Police August 19 confirmed the suspicious device found on Jenness Beach in Rye, New Hampshire was a pipe bomb that could have caused harm if ignited. The Rye police chief issued a statement saying his department had received information from the public and is continuing to work with state police and the FBI to locate the origin of the pipe bomb. The incendiary device, described as a silver pipe about 8-inches long, capped at each end, with a wick coming out of the side, was discovered along the water line around 6 p.m. August 14 by a beachgoer. Source: http://www.seacoastonline.com/apps/pbcs.dll/article?AID=/20100820/NEWS/8200373/ -1/NEWSMAP 56. August 19, Muskogee Phoenix – (Oklahoma) Motel fire blamed on meth lab. A fire that began early August 19 at a Muskogee, Oklahoma motel is being attributed to a methamphetamine lab. The fire began at about 12:10 a.m. at the Catalina Motel. An assistant fire marshal estimated damage to the building at $15,000 and another $7,000 for the contents. The motel’s maintenance man said someone knocked on his door and said there was a fire in the room two doors down from his. He grabbed a fire extinguisher and tried to put out the fire. “By the time he notified authorities, all the occupants were gone,” the Muskogee Police Department said . When firefighters realized meth was being manufactured in the room, they called out the police and a person trained to deal with hazardous materials. The person the room was registered to was in jail, but police said they have some leads in the case. Source: http://muskogeephoenix.com/local/x1668174806/Motel-fire-blamed-on-methlab [Return to top] National Monuments and Icons Sector 57. August 20, CNN – (Arizona) Manhunt ends with arrests of Arizona escapee, alleged accomplice. A tip from an observant forest ranger led to the arrest of an Arizona prison escapee and his alleged accomplice who had been on the run since last month, authorities said late August 19. The pair was arrested at a campground on the edge of Apache and Sitgreaves National Forests in Springerville, Arizona, according to a U.S. Marshal. A park ranger noticed an unattended fire at a campsite and spotted a suspicious car backed into some trees, authorities said. A license plate check - 22 - determined it matched the description of one recently stolen in New Mexico, near where a couple was murdered. The two suspects are suspected in the killings of the couple, whose bodies were found in their burned out camper this month, according to authorities. A SWAT team from the Apache County Sheriff’s Department was called to the campground site, where they made the arrests. Authorities said the accomplice attempted to pull out a gun tucked in the small of her back, but SWAT members were able to stop her before the weapon was fired. The prison escapee was lying down outside a domed tent and said later he should have fired at the deputies and the park ranger. Source: http://www.cnn.com/2010/CRIME/08/20/arizona.escapees/?hpt=Sbin 58. August 20, Eugene Register-Guard – (Oregon) Crews get the jump on lightningcaused fires across the Willamette National Forest. Dozens of small fires continued to simmer in the Willamette National Forest in Oregon August 19, but many are contained and the largest cover only a few acres, forest officials said. Lightning from thunderstorms earlier in the week left a trail of more than 90 smoldering or blazing patches stretching across the national forest. Smokejumpers and two interagency hot shot crews along with several engines and two helicopters are assigned to the firefighting effort. The Oregon Department of Forestry has pitched in and taken the lead on fighting some of the lightning fires. Many of the fires on the McKenzie River and Middle Fork Ranger Districts have been contained, officials said August 19. More than 40 fires were found on the Detroit Ranger District. Some have been suppressed, but a number remain active, including four in the Mount Jefferson Wilderness. The largest fire is about 5 miles south of Detroit Lake on Lucky Butte and is estimated at 6 acres. The Forest Service is hitting the Lucky Butte fire and surrounding trees and undergrowth with water bucket drops from helicopters. Source: http://www.registerguard.com/csp/cms/sites/web/updates/25199219-55/firesforest-lightning-thursday-contained.csp 59. August 19, KBZK 7 Boozeman – (Wyoming) Yellowstone National Park fire burns 75 acres. Strong winds near the east entrance of Yellowstone National Park in Wyoming brought to life a fire that ignited from a series of lightning storms that passed through the area more than a week ago. The 75-acre East Fire is burning within a few miles of the park’s east entrance, but officials report that the blaze has not forced any closures and the that the fire is not posing a threat to park visitors. Firefighters spent August 19 setting up precautionary structure protection for the developed area around the east entrance to the park. Source: http://www.kbzk.com/news/yellowstone-national-park-fire-burns-75-acres/ 60. August 19, Portland Oregonian – (Oregon) Deschutes River sites evacuated due to fires; D. Harris fire near Maupin upgraded to conflagration. Wildfires forced the evacuation August 19 of recreation sites around the Deschutes River in the Maupin area of Oregon. The Central Oregon Interagency Dispatch Center said the area included the Oasis, Blue Hole, Oak Springs and White River campgrounds as well as day use of the river. Helicopters were scooping water to drop on the Devil’s Half Acre fire, which reached 500 acres. It was paired with the nearby Falls Canyon fire, at 3,200 acres, and - 23 - dubbed the Lower Deschutes complex. Late August 19, Oregon’s governor declared another blaze near Maupin, the D. Harris fire, a conflagration. That authorized the state fire marshal to mobilize crews and equipment to help local firefighters. Portland metroarea firefighters were deployed to the Maupin area about 8 p.m. Maupin residents were advised to gather up valuable papers, irreplaceable items, medications and an overnight bag with personal items in case they have to leave. Meanwhile, the Oak Flat fire, about 20 miles southwest of Grants Pass, reached 1,250 acres. Crews reported it was 15 percent contained, and fire lines and burnouts around it were nearly completed. The Illinois River corridor in the area remained open despite smoke. Source: http://www.oregonlive.com/pacific-northwestnews/index.ssf/2010/08/deschutes_river_sites_evacuated_due_to_fires_d_harris_fire_n ear_maupin_upgraded_to_conflagation.html For another story, see item 61 [Return to top] Dams Sector 61. August 20, Medford Mail Tribune – (Oregon) Blue Ledge mine breach halts cleanup. An excavator in Oregon removing contaminated tailings from an old copper mine high in the Applegate River drainage breached an unmapped tunnel filled with water August 18, raising fears that toxic materials may have made their way into a nearby creek. The breach of the Blue Ledge copper mine prompted the firm removing the contaminated material as part of a $11.1 million clean-up effort to halt the work in that area until the site could be checked for more tunnels not shown on available maps, said a spokesman for the Rogue River-Siskiyou National Forest. The mining tailings are laced with a heavy-metal mix of arsenic, cadmium, copper, lead, sulfuric acid, and zinc. While it is not known yet if the waters carried the toxins, the flow from the breach temporarily turned Joe Creek brown. Joe Creek flows into Elliot Creek, which flows past the tiny community of Joe Bar where residents rely on shallow wells near the stream for their domestic water supply. “The Spider [excavator] ran into an unmapped adit (tunnel entrance) at the base of the rock and breached the adit, which was full of water,” he said of the work being done on the steep slope. The toxic tailings reclamation project, funded by federal stimulus dollars, is an effort to remove the heavy metals that have been polluting the upper drainage for decades, according to forest officials. About 48,000 cubic yards of hazardous materials are expected to be removed from the mine and placed in a nearby repository. Engineering/Remediation Resources Group Inc. of Martinez, Calif., has been contracted to do the work, which is not expected to be completed until next summer. Source: http://www.mailtribune.com/apps/pbcs.dll/article?AID=/20100820/NEWS/8200330 62. August 20, WPRI 12 Providence – (Rhode Island) Violation issued to Blue Pond Dam owner. The Rhode Island Department of Environmental Management (DEM) has issued a Notice of Violation (NOV) to the Ashville Corporation and its parent - 24 - company, Green Plastics Corporation, for failing to maintain the former Blue Pond dam in a safe condition. The former dam and pond are located Hopkinton, just north of Canonchet Road. The dam ruptured March 31 during historic floods, and released approximately 180 million gallons of water that damaged town roads and private property in Hopkinton. Blue Pond dam was deemed a significant hazard dam, which is a dam where failure or mis-operation can cause major economic loss such as a washout of two or more roads or structural damage. DEM officials said they acted because the dam owners had been warned previously by engineers that the dam was unsafe and required repair. The owners failed to act to correct the unsafe condition which led to the rupture. Ashville Corporation and Greene Plastics Corporation have 20 days from the receipt of the NOV to request a hearing before DEM’s Administrative Adjudication Division. Source: http://www.wpri.com/dpp/news/local_news/south_county/dem-issuesviolation-notice-to-owners-of-blue-pond-dam [Return to top] - 25 - DHS Daily Open Source Infrastructure Report Contact Information About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/iaipdailyreport Contact Information Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at 703-872-2267 Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes. Removal from Distribution List: Send mail to support@govdelivery.com. Contact DHS To report physical infrastructure incidents or to request information, please contact the National Infrastructure Coordinating Center at nicc@dhs.gov or (202) 282-9201. To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov. Department of Homeland Security Disclaimer The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material. - 26 -
